Security of NFC
The NFC Forum has what seems to be an extremely optimistic claim about the security of near-field communications. Here's what they claim:
Because the transmission range is so short, NFC-enabled transactions are inherently secure.
NFC is a wireless technology that's designed to work over fairly short distances - 10 centimeters or less. The NFC Forum seems to think that this short range makes NFC technology inherently secure. I'm fairly sure that this isn't true.
Because lots of the uses that are anticipated for NFC are things like mobile payments, making sure that NFC is reasonably secure is important, and relying on NFC being inherently secure because of its short range probably isn't a good way to do this. Even over a distance of only 10 centimeters, you still need to encrypt any sensitive data that you're transmitting.
For the metric impaired, 10cm is about 4 inches (3.93700). A near-field antenna can be as thin as a human hair and made effectively invisible. This means that capture of data can be accomplished by placing a device within 10 cm of the legitimate receiver. As Luther stated, encryption is essential to the security of NFC.
Posted by: Ralph Spencer Poore | Wednesday, 01 September 2010 at 07:55 PM